/* Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.flowable.ui.common.rest.idm.remote;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;

import org.flowable.idm.api.User;
import org.flowable.ui.common.model.GroupRepresentation;
import org.flowable.ui.common.model.RemoteGroup;
import org.flowable.ui.common.model.RemoteUser;
import org.flowable.ui.common.model.UserRepresentation;
import org.flowable.ui.common.security.DefaultPrivileges;
import org.flowable.ui.common.security.SecurityUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import com.daffodil.system.entity.SysRole;
import com.daffodil.system.entity.SysUser;
import com.daffodil.system.util.LoginUserUtils;
import com.daffodil.util.StringUtils;

/**
 * 获取当前用户登录账号
 * @author yweijian
 * @date 2021年11月16日
 * @version 1.0
 * @description
 */
@RestController
@RequestMapping("/app")
public class RemoteAccountResource {

    @RequestMapping(value = "/rest/account", method = RequestMethod.GET, produces = "application/json")
    public UserRepresentation getAccount(HttpServletRequest request) {
        SysUser user = LoginUserUtils.getLoginUser(request);
        UserRepresentation userRepresentation = this.getUserRepresentation(user);
        return userRepresentation;
    }
    
    /**
     * 系统用户转换成功flowable的用户
     * @param sysUser
     * @return
     */
    private UserRepresentation getUserRepresentation(SysUser sysUser){
        if(StringUtils.isNull(sysUser)){
            return null;
        }
        //设置用户即sysuer->user
        User user = new RemoteUser();
        user.setId(sysUser.getLoginName());
        user.setFirstName(sysUser.getLoginName());
        user.setEmail(sysUser.getEmail());
        SecurityUtils.assumeUser(user);
        UserRepresentation userRepresentation = new UserRepresentation(user);

        List<String> privileges = new ArrayList<String>();
        privileges.add(DefaultPrivileges.ACCESS_IDM);
        privileges.add(DefaultPrivileges.ACCESS_MODELER);
        privileges.add(DefaultPrivileges.ACCESS_TASK);
        privileges.add(DefaultPrivileges.ACCESS_ADMIN);
        privileges.add(DefaultPrivileges.ACCESS_REST_API);
        userRepresentation.setPrivileges(privileges);

        List<GroupRepresentation> groups = new ArrayList<GroupRepresentation>();
        List<SysRole> roles = sysUser.getRoles();
        if(StringUtils.isNotEmpty(roles)){
            for(int i = 0; i < roles.size(); i++){
                GroupRepresentation groupRepresentation = this.getGroupRepresentation(roles.get(i));
                groups.add(groupRepresentation);
            }
        }
        userRepresentation.setGroups(groups);

        return userRepresentation;
    }
    
    /**
     * 系统角色转换成flowable的group组
     * @param sysRole
     * @return
     */
    private GroupRepresentation getGroupRepresentation(SysRole sysRole){
        if(StringUtils.isNull(sysRole)){
            return null;
        }
        //设置用户组即SysRole->group
        RemoteGroup group = new RemoteGroup();
        group.setId(sysRole.getId());
        group.setName(sysRole.getRoleName());
        group.setType(sysRole.getRoleKey());
        GroupRepresentation groupRepresentation = new GroupRepresentation(group);

        return groupRepresentation;
    }

}
